Golden Heart Administrative Professionals Ransomware Attack Impacts 44,600 Patients

Share this article on:

Golden Heart Administrative Professionals, a Fairbanks, AK-based billing company and business associate of several healthcare providers in Alaska, is notifying 44,600 individuals that some of their protected health information has potentially been accessed by unauthorized individuals as a result of a recent ransomware attack.

The ransomware was downloaded to a server containing the PHI of patients. According to a press release issued by the company, “All client patient information must assume to be compromised.”

Local and federal law enforcement agencies have been notified about the cyberattack and efforts are continuing to recover files.

The Golden Heart Administrative Professionals ransomware attack is the largest data breach reported by a healthcare organization in July, and the second major data breach to be reported by an Alaska-based healthcare organization in July.

In early July, the Alaska Department of Health and Social Services announced that it had suffered a data breach as a result of a malware infection. The Zeus/Zbot Trojan – an information stealer – had been downloaded which potentially allowed the attackers to gain access to the protected health information of ‘more than 500’ individuals.

Recent reports suggest ransomware attacks are declining, with many cybercriminal gangs switching operations to cryptocurrency mining; however, there does not appear to be any let up in ransomware attacks on healthcare organizations.

Last week, LabCorp, the national network of clinical testing laboratories, experienced a SamSam ransomware attack. The attack was detected within 50 minutes and systems were shut down to prevent widespread file encryption. The ransomware was downloaded following a brute force remote desktop protocol (RDP) attack. It is not currently known how many patients have been impacted by the attack, although some reports suggest millions of patients’ PHI may have been compromised.

On Monday, July 9, Cass Regional Medical Center in Harrisonville, MO, experienced a ransomware attack that resulted in its communications system and electronic medical record system being taken out of action. The medical center took the decision to redirect ambulances for stroke and trauma victims to alternate healthcare facilities. As with the LabCorp attack, the ransomware was downloaded to the server following a brute force RDP attack. The electronic medical record systems remained offline for 10 days as a result of the attack.

Author: HIPAA Journal

Share This Post On